Privacy Policy

This policy is effective as of 27th February 2025

1. Introduction

We at Surrey AI Centre operating as Cortx AI Limited (“Cortx AI,” “we,” “us,” or “our”) respect your privacy and are committed to processing personal data in accordance with the General Data Protection Regulation (“GDPR”) and other applicable data protection laws. This Privacy Policy explains which personal information we collect, how we use it, and the measures we take to keep it secure. It also sets out your rights in relation to your personal information and details on how to contact us.

By using our website, products, or services (collectively, the “Services”), you acknowledge that you have read and understood this Privacy Policy.

Company Number: 15284483
Registered Address: Sutton Vale Country Club, Vale Road, Dover, England, CT15 5DH
Contact Email: privacy@cortx.co

2. Personal Information We Collect

2.1. Information You Provide to Us

We collect information that you voluntarily provide when you:

  • Register or create an account with us;

  • Fill out forms (such as contact or subscription forms);

  • Correspond with us via email, chat, or other channels;

  • Post comments or content on our website;

  • Participate in surveys, promotions, or events that we host or sponsor.

Such personal information may include your name, email address, postal address, phone number, login credentials, payment or billing information, and any additional information you choose to share (e.g., in customer support requests or comments).

2.2. Automatic Data Collection

When you use our Services, we may collect certain information automatically from your device, including your IP address, browser type, time zone, operating system, and other technical information. We gather this data through cookies, log files, web beacons, and analytics tools to understand how you use our Services and to enhance the user experience.

2.3. User Comments and Uploaded Content

If you post comments, reviews, or other content (including text, images, or videos) on our website, we collect and process the information you provide. Please note that personal information included in publicly accessible sections may be read, collected, or used by others. We encourage you to exercise caution when deciding to disclose personal information in publicly accessible areas.

2.4. Information from Other Sources

We may receive information about you from third parties, such as social media platforms (if you link or interact with us there), marketing or advertising partners, and publicly available sources. We may combine this data with information collected directly to tailor and improve our Services or for other lawful business purposes.

3. Legal Basis for Processing

Under the GDPR, we rely on one or more of the following legal bases to process your personal information:

  • Consent – for example, where you have given us permission to send you marketing materials.

  • Performance of a contract – to provide Services you have requested.

  • Compliance with legal obligations – such as maintaining accounting records.

  • Legitimate interests – where our interests are not overridden by your fundamental rights and freedoms.

4. How We Use Personal Information

We use your personal information to:

  • Provide and maintain our Services.

  • Personalize and improve your experience.

  • Communicate with you, including for marketing purposes (where legally permitted).

  • Process payments and manage billing.

  • Enforce our terms, agreements, or policies.

  • Comply with legal obligations and protect our legal rights.

  • Detect, prevent, and address fraud, security, or technical issues.

4.1. In Mails and Contact Forms

When you send us an email or submit an inquiry through our contact forms, we process your personal information (e.g., name, email address, and the content of your message) to respond to your requests or provide the information you need.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The specific retention period depends on the nature of the information and the purposes for which it is processed. We may also anonymize or aggregate data for analytical purposes, in which case we may use this information indefinitely without further notice.

6. Data Shared with Third Parties

We may share your personal information with:

  • Service providers and business partners who assist us in operating our Services (e.g., hosting providers, payment processors).

  • Authorities or governmental bodies, where we are legally required to do so.

  • Successor entities in the event of a business transaction (e.g., merger, acquisition, or asset sale).

We do not sell, rent, or trade your personal information to unaffiliated third parties for marketing purposes.

7. Security Measures

We take reasonable and appropriate technical and organizational measures to protect your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage. While we strive to protect your data, no method of electronic transmission or storage is entirely secure, and we cannot guarantee its absolute security.

8. Children’s Privacy

Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from them. If you become aware that a child under the age of 16 has provided us with personal data without parental consent, please contact us at privacy@cortx.co, and we will take steps to remove such information and terminate any related accounts.

9. Your Rights Under GDPR

Under the GDPR, you have the right to:

  • Access the personal data we hold about you.

  • Rectify any inaccuracies or incomplete data.

  • Erase your personal data under certain conditions (“right to be forgotten”).

  • Restrict our processing of your personal data.

  • Object to the processing of your personal data, including for direct marketing purposes.

  • Data portability – receive your personal data in a structured, commonly used, machine-readable format.

  • Withdraw consent at any time, where processing is based on your consent.

  • Lodge a complaint with a supervisory authority in your country of residence or workplace.

To exercise any of these rights, please contact us at privacy@cortx.co. We may require you to verify your identity before responding to your request.

10. International Data Transfers

When you access or use our Services, your personal information may be transferred to and processed in countries outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to protect your personal data in accordance with GDPR standards.

11. Changes in the Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will become effective upon posting the revised policy on our website. Your continued use of our Services after any such modifications indicates your acceptance of the updated Privacy Policy.

12. How to Contact Us

If you have any questions, concerns, or suggestions regarding this Privacy Policy or how we handle your personal data, please contact us at:

privacy@cortx.co
Surrey AI Centre operating as Cortx AI Limited
Sutton Vale Country Club
Vale Road
Dover, England, CT15 5DH

We will do our best to address and resolve any issues you bring to our attention.